ACK: [SRU][Focal][PATCH v2 0/2] CVE-2023-3268

Tim Gardner tim.gardner at canonical.com
Wed Jul 12 14:25:05 UTC 2023


On 7/11/23 4:22 PM, Yuxuan Luo wrote:
> [Impact]
> An out of bounds (OOB) memory access flaw was found in the Linux kernel
> in relay_file_read_start_pos in kernel/relay.c in the relayfs. This
> flaw could allow a local attacker to crash the system or leak kernel
> internal information.
> 
> [Backport]
> There are clean cherry picks.
> 
> [Test]
> Only compile and boot tested so far, the test against proof of concept
> will come up later.
> 
> [Potential Regression]
> Expect low risk of regression.
> 
> Pengcheng Yang (1):
>    kernel/relay.c: fix read_pos error when multiple readers
> 
> Zhang Zhengming (1):
>    relayfs: fix out-of-bounds access in relay_file_read
> 
>   kernel/relay.c | 18 ++++++++----------
>   1 file changed, 8 insertions(+), 10 deletions(-)
> 
Acked-by: Tim Gardner <tim.gardner at canonical.com>
-- 
-----------
Tim Gardner
Canonical, Inc




More information about the kernel-team mailing list